US10630610B1ActiveUtility

Mechanisms for preventing IPID overflow in computer networks

80
Assignee: VMWARE INCPriority: Dec 26, 2018Filed: Dec 26, 2018Granted: Apr 21, 2020
Est. expiryDec 26, 2038(~12.5 yrs left)· nominal 20-yr term from priority
H04L 69/22H04L 49/9057H04L 47/34H04L 12/66H04L 49/552H04L 49/9084H04L 49/3072H04L 69/166H04L 49/70G06F 9/44505
80
PatentIndex Score
3
Cited by
7
References
20
Claims

Abstract

In an embodiment, a computer-implemented method for preventing an Internet Protocol identifier (“IPID”) overflow in computer networks is disclosed. In an embodiment, the method comprises: receiving, by an edge service gateway, a first packet that requires fragmentating, and determining whether the edge service gateway is configured to prevent IPID overflow. In response to determining that the edge service gateway is configured to prevent IPID overflow, a plurality of packet fragments for the first packet is created based on, at least in part, contents of the first packet. A packet fragment, of the plurality of packet fragments, comprises an IP header, an additional header, and a portion of the first packet, wherein an additional key field in the additional header and an IPID field in the IP header of the packet fragment cumulatively store a packet sequence number for the first packet.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
       1. A computer-implemented method for preventing Internet Protocol Identifier overflow in computer networks, the method comprising:
 receiving, by an edge service gateway, a first packet that requires fragmentating; 
 determining whether the edge service gateway is configured to prevent Internet Protocol Identifier (“IPID”) overflow; 
 in response to determining that the edge service gateway is configured to prevent IPID overflow:
 creating a plurality of packet fragments based on, at least in part, the first packet; 
 wherein a packet fragment, of the plurality of packet fragments, comprises an IP header, an additional header, and a portion of the first packet; and 
 wherein an additional key field in the additional header and an IPID field in the IP header of the fragment packet store a packet sequence number for the first packet. 
 
 
     
     
       2. The computer-implemented method of  claim 1 , wherein determining whether the edge service gateway is configured to prevent IPID overflow comprises:
 determining whether a particular flag in a configuration file maintained by the edge service gateway is set; 
 in response to determining that the particular flag in the configuration file is set, determining that the edge service gateway is configured to prevent IPID overflow; and 
 in response to determining that the particular flag in the configuration file is not set, determining that the edge service gateway is not configured to prevent IPID overflow. 
 
     
     
       3. The computer-implemented method of  claim 1 , wherein, for a particular packet fragment, of the plurality of packet fragments, the additional key field in the additional header stores a first portion of the packet sequence number and the IPID field in the IP header stores a second portion of the packet sequence number; wherein the first portion includes thirty two higher bits of the packet sequence number; and wherein the second portion includes sixteen lower bits of the packet sequence number. 
     
     
       4. The computer-implemented method of  claim 1 , further comprising: in response to determining that the edge service gateway is not configured to prevent IPID overflow, creating a plurality of packet fragments based on, at least in part, the first packet; wherein a packet fragment, of the plurality of packet fragments, comprises an IP header, a additional header and a portion of the first packet; and wherein an IPID field in the IP header stores a packet sequence number for the first packet. 
     
     
       5. The computer-implemented method of  claim 1 , wherein, for a first packet fragment, of the plurality of packet fragments, a cumulative length of the IP header, the additional header and the portion of the first packet does not exceed a particular fragment length; and wherein an offset field in the IP header of the first packet fragment stores zero. 
     
     
       6. The computer-implemented method of  claim 1 , further comprising: receiving, by the edge service gateway, a packet fragment that requires reassembling;
 determining whether the edge service gateway is configured to prevent IPID overflow; 
 in response to determining that the edge service gateway is configured to prevent IPID overflow:
 determining a packet sequence number based on contents of an additional key field in a additional header of the packet fragment and contents of an IPID field in an IP header of the packet fragment; and 
 based on, at least in part, the packet sequence number and the packet fragment, reassembling an original packet that is associated with the packet sequence number. 
 
 
     
     
       7. The computer-implemented method of  claim 6 , further comprising: in response to determining that the edge service gateway is not configured to prevent IPID overflow:
 determining a packet sequence number based on contents of an IPID field in a IP header of the packet fragment; and 
 based on, at least in part, the packet sequence number and the packet fragment, reassembling an original packet that is associated with the packet sequence number. 
 
     
     
       8. One or more non-transitory computer-readable storage media storing one or more computer instructions which, when executed by one or more processors, cause the one or more processors to perform:
 receiving, by an edge service gateway, a first packet that requires fragmentating; 
 determining whether the edge service gateway is configured to prevent Internet Protocol Identifier (“IPID”) overflow; 
 in response to determining that the edge service gateway is configured to prevent IPID overflow:
 creating a plurality of packet fragments based on, at least in part, the first packet; 
 wherein a packet fragment, of the plurality of packet fragments, comprises an IP header, an additional header and a portion of the first packet; and 
 wherein an additional key field in the additional header and an IPID field in the IP header of the fragment packet store a packet sequence number for the first packet. 
 
 
     
     
       9. The one or more non-transitory computer-readable storage media of  claim 8 , wherein determining whether the edge service gateway is configured to prevent IPID overflow comprises:
 determining whether a particular flag in a configuration file maintained by the edge service gateway is set; 
 in response to determining that the particular flag in the configuration file is set, determining that the edge service gateway is configured to prevent IPID overflow; and 
 in response to determining that the particular flag in the configuration file is not set, determining that the edge service gateway is not configured to prevent IPID overflow. 
 
     
     
       10. The one or more non-transitory computer-readable storage media of  claim 8 , wherein, for a particular packet fragment, of the plurality of packet fragments, the additional key field in the additional header stores a first portion of the packet sequence number and the IPID field in the IP header stores a second portion of the packet sequence number; wherein the first portion includes thirty two higher bits of the packet sequence number; and wherein the second portion includes sixteen lower bits of the packet sequence number. 
     
     
       11. The one or more non-transitory computer-readable storage media of  claim 8 , storing additional instructions for: in response to determining that the edge service gateway is not configured to prevent IPID overflow, creating a plurality of packet fragments based on, at least in part, the first packet; wherein a packet fragment, of the plurality of packet fragments, comprises an IP header, an additional header and a portion of the first packet; and wherein an IPID field in the IP header stores a packet sequence number for the first packet. 
     
     
       12. The one or more non-transitory computer-readable storage media of  claim 8 , wherein, for a first packet fragment, of the plurality of packet fragments, a cumulative length of the IP header, the additional header and the portion of the first packet does not exceed a particular fragment length; and wherein an offset field in the IP header of the first packet fragment stores zero. 
     
     
       13. The one or more non-transitory computer-readable storage media of  claim 8 , storing additional instructions for: receiving, by the edge service gateway, a packet fragment that requires reassembling; determining whether the edge service gateway is configured to prevent IPID overflow;
 in response to determining that the edge service gateway is configured to prevent IPID overflow:
 determining a packet sequence number based on contents of a additional key field in a additional header of the packet fragment and contents of an IPID field in an IP header of the packet fragment; and 
 based on, at least in part, the packet sequence number and the packet fragment, reassembling an original packet that is associated with the packet sequence number. 
 
 
     
     
       14. The one or more non-transitory computer-readable storage media of  claim 13 , storing additional instructions for: in response to determining that the edge service gateway is not configured to prevent IPID overflow: determining a packet sequence number based on contents of an IPID field in a IP header of the packet fragment; and based on, at least in part, the packet sequence number and the packet fragment, reassembling an original packet that is associated with the packet sequence number. 
     
     
       15. An edge service gateway implemented in a computer network and configured to implement mechanisms for preventing Internet Protocol identifier overflow in the computer network, the edge service gateway comprising:
 one or more processors; 
 one or more memory units; and 
 one or more non-transitory computer-readable storage media storing one or more computer instructions which, when executed by the one or more processors, cause the one or more processors to perform: 
 receiving, by an edge service gateway, a first packet that requires fragmentating; 
 determining whether the edge service gateway is configured to prevent Internet Protocol Identifier (“IPID”) overflow; 
 in response to determining that the edge service gateway is configured to prevent IPID overflow:
 creating a plurality of packet fragments based on, at least in part, the first packet; 
 wherein a packet fragment, of the plurality of packet fragments, comprises an IP header, an additional header and a portion of the first packet; and 
 wherein an additional key field in the additional header and an IPID field in the IP header of the fragment packet store a packet sequence number for the first packet. 
 
 
     
     
       16. The edge service gateway of  claim 15 , wherein determining whether the edge service gateway is configured to prevent IPID overflow comprises:
 determining whether a particular flag in a configuration file maintained by the edge service gateway is set; 
 in response to determining that the particular flag in the configuration file is set, determining that the edge service gateway is configured to prevent IPID overflow; and 
 in response to determining that the particular flag in the configuration file is not set, determining that the edge service gateway is not configured to prevent IPID overflow. 
 
     
     
       17. The edge service gateway of  claim 15 , wherein, for a particular packet fragment, of the plurality of packet fragments, the additional key field in the additional header stores a first portion of the packet sequence number and the IPID field in the IP header stores a second portion of the packet sequence number; wherein the first portion includes thirty two higher bits of the packet sequence number; and wherein the second portion includes sixteen lower bits of the packet sequence number. 
     
     
       18. The edge service gateway of  claim 15 , storing additional instructions for: in response to determining that the edge service gateway is not configured to prevent IPID overflow, creating a plurality of packet fragments based on, at least in part, the first packet; wherein a packet fragment, of the plurality of packet fragments, comprises an IP header, an additional header and a portion of the first packet; and wherein an IPID field in the IP header stores a packet sequence number for the first packet. 
     
     
       19. The edge service gateway of  claim 15 , wherein, for a first packet fragment, of the plurality of packet fragments, a cumulative length of the IP header, the additional header and the portion of the first packet does not exceed a particular fragment length; and wherein an offset field in the IP header of the first packet fragment stores zero. 
     
     
       20. The edge service gateway of  claim 15 , storing additional instructions for: receiving, by the edge service gateway, a packet fragment that requires reassembling; determining whether the edge service gateway is configured to prevent IPID overflow;
 in response to determining that the edge service gateway is configured to prevent IPID overflow:
 determining a packet sequence number based on contents of an additional key field in an additional header of the packet fragment and contents of an IPID field in an IP header of the packet fragment; and 
 based on, at least in part, the packet sequence number and the packet fragment, reassembling an original packet that is associated with the packet sequence number.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.